TRUECRYPT 7 Released

Discussion in 'privacy technology' started by chiraldude, Jul 19, 2010.

Thread Status:
Not open for further replies.
  1. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,737
    Hi ABee,

    Thanks for the explanation. Do you know off the top of your head what softwares can do this? Anytime I had to come up with password, it was always weak. I was never good at this.

    When you image your system do you decrypt it first?
     
  2. ABee

    ABee Registered Member

    Joined:
    Jun 2, 2010
    Posts:
    330
    I don't use any such software, so can't vouch for any of them.

    A Google search is here: http://www.google.com/search?hl=en&source=hp&q=password generator&btnG=Google Search

    A couple of websites that will do it here:
    http://strongpasswordgenerator.com/
    https://www.grc.com/passwords.htm

    A downloadable software here: http://www.pctools.com/guides/password/

    Some other general thoughts and info here: http://lifehacker.com/184773/geek-to-live--choose-and-remember-great-passwords

    No, I don't-- because my system isn't encrypted to begin with.
    I only create TrueCrypt volumes, and put any files I want kept private inside of that/those volumes.

    I believe though, that the only way to image a drive is with the drive unencrypted.
    If that's not so, someone can correct me.
     
  3. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,737
    Wow, thanks for the links.

    Oh, I see you create virtual volumes. Is this program fairly easy to use?
     
  4. ABee

    ABee Registered Member

    Joined:
    Jun 2, 2010
    Posts:
    330
    I suppose that depends on the individual. As far as I'm concerned it is. YMMV.

    There's a 'wizard' that guides you through volume creation. I'd imagine there's also one to guide you through whole disk encryption.

    Btw, a 'volume' is nothing more than a created file. You can name it anything, give it any file extension.
     
  5. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,737
    I went to the site and they have a tutorial that walks you through everything. Thanks for your input.
     
  6. Happer

    Happer Registered Member

    Joined:
    Aug 24, 2010
    Posts:
    6
    Hello everyone,
    I Have a question about Stones boot kit, It probably affects this version of TrueCrypt too , my question is:
    Assuming I have a laptop with whole drive encryption, and someone gets their hands on it when it is powered OFF, can he actually like... boot from some USB key / whatever, write this bootkit to my MBR
    (with the hard drive still encrypted because he didn't go through trueCrypt's loader )
    and bypass trueCrypt's boot loader, meaning decrypting the drive without any password?
    Or will it only work if he installs it on a running OS and drive mounted, so the boot kit knows password from memory?
     
  7. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,026
    Location:
    Hawaii
    The drive cannot be decrypted without the password. However, your attacker could use a technique similar to what you described to plant a software keylogger that would capture your password the next time you logged in.
     
  8. Happer

    Happer Registered Member

    Joined:
    Aug 24, 2010
    Posts:
    6
    Thanks for the replay,
    what you say is bad , but at least not bad as I thought, at least trueCrypt is effective in a scenario where you Don't actually don't get your laptop back.:p
     
  9. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    There are ways to block such attacks. With truecrypt you can create a "rescue" disk that contains a copy of the boot loader and volume header. If you suspect someone could have tampered with the boot loader you can boot the rescue disk and restore the boot loader to a known secure state.
     
  10. Happer

    Happer Registered Member

    Joined:
    Aug 24, 2010
    Posts:
    6
    https://www.wilderssecurity.com/showthread.php?t=280741
     
    Last edited: Sep 3, 2010
  11. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,278
    Location:
    Outer space
    Then you can use you Truecrypt rescue CD to boot and if you want also restore the original boot loader ;)
     
  12. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,278
    Location:
    Outer space
    Nevermind, stupid question
     
    Last edited: Sep 5, 2010
  13. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    82,415
    Location:
    Texas
    The H Security
     
  14. Thedoorisopen

    Thedoorisopen Registered Member

    Joined:
    Mar 14, 2010
    Posts:
    1
    Anyone know why the MS ctfmon process key listed under the HKEY_Current_User section of the registry has an entry for TrueCrypt? I have TC on the system, but what does ctfmon have to do with that, that's an MS service for text services.

    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "TrueCrypt"="\"C:\\Program Files\\TrueCrypt\\TrueCrypt.exe\" /q preferences"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
     
  15. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    I use TC travelers mode, a 6GB data file.

    When a new TC version comes out, can I just extract the new TC files into my TC folder?

    OR, do I need to start from scratch and create a brand new 6GB container?
     
  16. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,531
    Location:
    British Columbia
    Hey There Mozart

    Is it still impossible to use TC travelers mode on a non-admin machine without TC installedo_O ?

    Thanks!
     
  17. acuariano

    acuariano Registered Member

    Joined:
    Nov 4, 2005
    Posts:
    786
    anyway to run truecrypt on a bootcd??
     
  18. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    "Is it still impossible to use TC travelers mode on a non-admin machine without TC installed?"

    If you can't login as admin you can't load the TC driver.
    Probably not what you want but you can run TC from a BartPE disk.
    Of course this requires booting from a CD or thumbdrive.
    If you can boot from CD you could also boot using KON-BOOT and bypass admin password. Of course you could get into trouble if you have agreed to terms that ban you from gaining admin access.
    If you are talking about a computer lab then you could request that the admin load the TC driver so all users can have access.
     
  19. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,312
    Location:
    Here, There and Everywhere
    In short, no, you cannot use TrueCrypt without admin access and that includes the portable version.

    You can use TC to open older volumes back to TC 4 I believe.
     
  20. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,531
    Location:
    British Columbia
    This is alittle OT but i asked because this is an important feature i feel. It appears the free Rohos Mini Drive can accomplish this without admin rights. Any thoughts??

    www.rohos.com/products/rohos-mini-drive
     
  21. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,312
    Location:
    Here, There and Everywhere
  22. acuariano

    acuariano Registered Member

    Joined:
    Nov 4, 2005
    Posts:
    786

    i wonder about a bootcd becuase the system can get unbootable,,,and just in case.
     
  23. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,531
    Location:
    British Columbia
  24. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,278
    Location:
    Outer space
    Yes, you can put in in a bootable image, but the easiest way is launch the boot CD and put portable truecrypt on a USB thumbstick and run it from there.
     
  25. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    I'm a newbie to TrueCrypt - running version 7 now. I used it to encrypt my work computer's hard drive (pre-boot authentication), which went without a hitch, and on my personal laptop, I encrypted an SD card and added a container to another one. I'm getting ready to encrypt the whole system and then all my external hard drives, but not sure if TrueCrypt can handle it because I have a multi-boot system as follows:

    I replaced Windows boot loader (ntldr) with grub (i.e. renamed grldr to ntldr and copied it to C:\ ). I then added a bunch of options to the grub menu, one of which points to windows' boot loader (now under c:\ntldrxp), most of the other links point to a USB-mounted MicroSD card, which has BartXPE installed on it (I keep this device semi-permanently attached to my laptop).

    If I encrypt my system partition ( C:\ ), will the pre-boot authentication take effect before the secondary boot loader (ntldr/grub) loads? If yes, and I boot to BartXPE, will my Windows system partition be open and usable from there (i.e. not raw), or how can I make it work like that?
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.